Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/aOVh7vwzjjcf90MyYQLpfTFbZhw.roa
File: aOVh7vwzjjcf90MyYQLpfTFbZhw.roa (raw, json)
Hash identifier: tZM9qKoahJ/QHWfS3OPzF2hwFOLzd6wzWANaLbMNomQ=
Subject key identifier: 68:E5:61:EE:FC:33:8E:37:1F:F7:43:32:61:02:E9:7D:31:5B:66:1C
Certificate issuer: /CN=04a5ec5f52668be50b4518b687cf8bd95930ae39
Certificate serial: 185058A3
Authority key identifier: 04:A5:EC:5F:52:66:8B:E5:0B:45:18:B6:87:CF:8B:D9:59:30:AE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/aOVh7vwzjjcf90MyYQLpfTFbZhw.roa
Signing time: Sat 01 Jan 2022 14:56:52 +0000
ROA not before: Sat 01 Jan 2022 14:56:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58010
IP address blocks: 185.60.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407918755 (0x185058a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a5ec5f52668be50b4518b687cf8bd95930ae39
Validity
Not Before: Jan 1 14:56:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68e561eefc338e371ff743326102e97d315b661c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c5:7c:d0:e4:b5:36:67:38:e3:92:e2:29:66:
d6:04:5d:d5:eb:6b:1b:ac:5b:77:f4:4d:cd:bf:01:
19:f8:2c:40:58:f8:24:70:8f:73:07:0a:c1:b2:a4:
53:f3:d9:ac:52:ef:45:d2:41:7b:7d:1d:4f:03:59:
b1:24:d1:ea:2b:d9:05:38:7f:d8:39:11:14:60:50:
9d:ab:01:bb:c3:94:a7:8b:c7:9f:b7:e2:ff:c1:2f:
58:7f:43:4a:b8:ca:f6:68:a0:51:27:0d:39:51:f4:
b3:7a:9a:11:37:f1:95:d0:a3:49:f7:2a:bb:04:4c:
05:6f:90:23:ae:ed:a7:11:9e:e3:a9:33:41:55:59:
71:10:ed:30:9c:5a:a2:11:a6:e0:4f:c7:ea:6c:62:
6a:a0:c0:7f:7a:6d:3a:5c:f6:21:50:05:c5:dd:25:
f2:e4:8d:79:79:4b:01:d7:32:c5:ca:c8:6c:a4:14:
03:d2:cc:00:67:48:70:9b:ea:c2:7b:b9:df:5a:d8:
d6:56:5a:b9:77:71:c8:66:ac:fc:30:ec:c2:99:f5:
97:be:01:3c:f5:b8:fd:1b:1c:7e:0e:92:3c:a8:e1:
c4:22:a8:45:49:c6:12:1f:c3:53:3c:c7:82:16:9d:
d1:af:2a:1a:e5:95:bc:82:8c:37:b1:b0:f5:68:6b:
c9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E5:61:EE:FC:33:8E:37:1F:F7:43:32:61:02:E9:7D:31:5B:66:1C
X509v3 Authority Key Identifier:
keyid:04:A5:EC:5F:52:66:8B:E5:0B:45:18:B6:87:CF:8B:D9:59:30:AE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/aOVh7vwzjjcf90MyYQLpfTFbZhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.20.0/24
Signature Algorithm: sha256WithRSAEncryption
83:7f:5d:b5:ce:46:97:a0:20:52:15:2d:ee:e8:e7:3e:54:c8:
b9:39:d7:01:ee:fd:6b:28:69:9e:41:f0:71:4a:d5:e6:66:a6:
3d:cb:b4:13:d7:77:98:73:b5:c6:b8:a1:e8:0f:08:a9:90:42:
b9:b9:7c:ce:ac:f0:b6:3f:8d:e7:2b:6d:0d:6d:6c:12:e4:28:
2f:77:32:00:8c:54:54:09:41:b2:c3:10:19:e2:a5:b8:9f:41:
65:72:57:19:fa:d5:c0:f7:99:8b:6b:e6:ea:ea:fa:af:2e:ce:
a4:37:95:f8:20:84:74:99:b2:09:c1:fe:0a:4e:41:7f:94:26:
1e:13:ba:2e:31:69:83:6d:18:f7:18:42:7e:71:33:5a:88:e2:
69:60:93:5d:f7:5c:2d:a9:ed:4b:3e:13:63:71:84:80:1c:ef:
b2:b4:55:19:7d:11:33:2a:fb:8f:0f:a5:52:fb:b3:ca:4d:84:
59:8c:e0:de:a3:5c:64:90:dd:f3:e8:c2:4e:97:0d:c7:c0:eb:
1f:3e:f0:ce:01:1e:7f:68:21:8b:ec:79:a1:79:ea:4e:4e:84:
7d:78:a4:2a:98:69:3e:15:1f:5c:3d:1c:89:fc:40:26:6c:4b:
78:14:e9:55:e7:02:5a:e9:3b:f6:56:43:04:a9:e6:c3:6c:36:
ff:df:ed:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGFBYozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGE1ZWM1ZjUyNjY4YmU1MGI0NTE4YjY4N2NmOGJkOTU5MzBhZTM5MB4XDTIyMDEw
MTE0NTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhlNTYxZWVmYzMz
OGUzNzFmZjc0MzMyNjEwMmU5N2QzMTViNjYxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXFfNDktTZnOOOS4ilm1gRd1etrG6xbd/RNzb8BGfgsQFj4
JHCPcwcKwbKkU/PZrFLvRdJBe30dTwNZsSTR6ivZBTh/2DkRFGBQnasBu8OUp4vH
n7fi/8EvWH9DSrjK9migUScNOVH0s3qaETfxldCjSfcquwRMBW+QI67tpxGe46kz
QVVZcRDtMJxaohGm4E/H6mxiaqDAf3ptOlz2IVAFxd0l8uSNeXlLAdcyxcrIbKQU
A9LMAGdIcJvqwnu531rY1lZauXdxyGas/DDswpn1l74BPPW4/Rscfg6SPKjhxCKo
RUnGEh/DUzzHghad0a8qGuWVvIKMN7Gw9WhryV8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRo5WHu/DOONx/3QzJhAul9MVtmHDAfBgNVHSMEGDAWgBQEpexfUmaL5QtF
GLaHz4vZWTCuOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLWHNYMUptaS1VTFJSaTJoOC1MMlZrd3Jqay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvMDBlMzNlLWZkNzQtNDU4My05ODRlLWM2Yjg0Y2M1ODYxMC8x
L2FPVmg3dnd6ampjZjkwTXlZUUxwZlRGYlpody5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
MDBlMzNlLWZkNzQtNDU4My05ODRlLWM2Yjg0Y2M1ODYxMC8xL0JLWHNYMUptaS1V
TFJSaTJoOC1MMlZrd3Jqay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALk8FDANBgkqhkiG9w0BAQsFAAOC
AQEAg39dtc5Gl6AgUhUt7ujnPlTIuTnXAe79ayhpnkHwcUrV5mamPcu0E9d3mHO1
xrih6A8IqZBCubl8zqzwtj+N5yttDW1sEuQoL3cyAIxUVAlBssMQGeKluJ9BZXJX
GfrVwPeZi2vm6ur6ry7OpDeV+CCEdJmyCcH+Ck5Bf5QmHhO6LjFpg20Y9xhCfnEz
WojiaWCTXfdcLantSz4TY3GEgBzvsrRVGX0RMyr7jw+lUvuzyk2EWYzg3qNcZJDd
8+jCTpcNx8DrHz7wzgEef2ghi+x5oXnqTk6EfXikKphpPhUfXD0cifxAJmxLeBTp
VecCWuk79lZDBKnmw2w2/9/tzg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:25 2023 by rpki-client on console-fra.rpki-client.org